PT-2022-24070 · Phicomm · Phicomm Fir300B A2+3
Published
2022-09-07
·
Updated
2022-09-12
·
CVE-2022-37780
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers version 3.0.1.17
Description
The issue is related to a remote command execution vulnerability. This vulnerability can be exploited via the
pingAddr parameter of the tracert function.Recommendations
For Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers version 3.0.1.17, consider restricting access to the
tracert function to minimize the risk of exploitation. Avoid using the pingAddr parameter in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phicomm Fir151B A2
Phicomm Fir300B A2
Phicomm Fir302E A2
Phicomm Fir303B A2